REMARKS 

The Office Action dated May 28, 2008 has been received and carefully noted. The 
above amendments to the claims, and the following remarks, are submitted as a full and 
complete response thereto. 

Claims 1-2, 5-8, 12, 26, 28-29, 31-33, 35, and 37 are pending in the application. 
Claims 1-2, 5-8, 12, 26, 28-29, 31-33, 35, and 37 have been amended to more particularly 
point out and distinctly claim the subject matter of the invention. Claims 4, 9-10, 13-22, 
24, 27, 30, 34, and 36 have been canceled. Claims 38-57 have been added. Support for 
these amendments may be found throughout the Specification, such as in paragraph 
[0007], and [0020]- [0021]. No new matter is added. Applicant submits the pending 
claims for consideration in view of the following. 

§102 Reiection 

The Office Action rejected claims 1-10, 12-22, 26-27, and 29-37 under 35 U.S.C. 
§ 102(e) as being anticipated by Pirttimaa (US 2003/01544400). Applicant respectfully 
asserts that Pirttimma fails to disclose or suggest all the limitations of the rejected claims. 

Claim 1, upon which claims 2-3, 5-8, 12, 28, and 33 depend, is generally directed 
to a method that includes forwarding a prefix value to a node in a packet switched 
environment to create a security association with the node based on the prefix value, said 
prefix value referring to a portion of a first internet protocol address, wherein the security 
association is valid for a plurality of different internet protocol addresses, each of said 
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plurality of internet protocol addresses comprising said portion of the first internet 
protocol address to which the prefix value refers. 

Claim 26, upon which claims 35 and 42-51 depend, is generally directed to an 
apparatus that includes a transmitter configured to forward a prefix value to a node in a 
packet switched environment to create a security association with the node based on the 
prefix value, said prefix value referring to a portion of a first internet protocol address, 
wherein the security association is valid for a plurality of different internet protocol 
addresses, each of said plurality of internet protocol addresses comprising said portion of 
the first internet protocol address to which the prefix value refers. 

Claim 29 is generally directed to an apparatus that includes forwarding means for 
forwarding a prefix value to a node in a packet switched environment to create a security 
association with the node based on the prefix value, said prefix value referring to a 
portion of a first internet protocol address, wherein the security association is valid for a 
plurality of different internet protocol addresses, each of said plurality of internet 
protocol addresses comprising said portion of the first internet protocol address to which 
the prefix value refers. 

Claim 31, upon which claims 37 and 52-57 depend, is generally directed to an 
apparatus that includes a receiving unit configured to receive a prefix value fi-om a node 
in a packet switched environment, said prefix value referring to a portion of a first 
internet protocol, and a creation unit configured to create a security association between 
the node and the apparatus based on the prefix value, wherein the security association is 
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valid for a plurality of different internet protocol addresses, each of said plurality of 
internet protocol addresses comprising said portion of the first internet protocol address 
to which the prefix value refers. 

Claim 32 is generally directed to an apparatus that includes a receiving means for 
receiving a prefix value from a node in a packet switched environment, said prefix value 
referring to a portion of a first internet protocol address, and a creation means for creating 
a security association between the node and the apparatus based on the prefix value, 
wherein the security association is valid for a plurality of different internet protocol 
addresses, each of said plurality of internet protocol addresses comprising said portion of 
the first internet protocol address to which the prefix value refers. 

Claim 38, upon which claim 39 depends, is generally directed to a method that 
includes receiving a prefix value from a node in a packet switched environment, said 
prefix value referring to a portion of a first internet protocol address, creating a security 
association with the node based on the prefix value, wherein the security association is 
valid for a plurality of different internet protocol addresses, each of said plurality of 
internet protocol addresses comprising said portion of the first internet protocol address 
to which the prefix value refers. 

Claim 40 is generally directed to a computer program embodied on a computer- 
readable medium, the computer program configured to control a processor to perform 
operations comprising receiving a prefix value from a node in a packet switched 
environment, said prefix value referring to a portion of a first internet protocol address, 
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and creating a security association with the node based on the prefix value, wherein the 
security association is valid for a plurality of different internet protocol addresses, each of 
said plurality of internet protocol addresses comprising said portion of the first internet 
protocol address to which the prefix value refers. 

Claim 41 is generally directed to a computer program embodied on a computer- 
readable medium, the computer program configured to control a processor to perform 
operations comprising forwarding a prefix value to a node in a packet switched 
environment to create a security association with the node based on the prefix value, said 
prefix value referring to a portion of a first intemet protocol address, wherein the security 
association is valid for a plurality of different intemet protocol addresses, each of said 
plurality of intemet protocol addresses comprising said portion of the first intemet 
protocol address to which the prefix value refers. 

Each of the foregoing claims recites limitations that are not disclosed or suggested 
by Pirttimaa. 

Pirttimaa generally discloses a network element for providing secure access to a 
packet data network. In Pirttimaa, a first source information is derived from a message 
received fi:om a terminal device. The first source information is compared with a second 
source information derived from a packet data unit used for conveying said message, or 
derived from a security association set up between the terminal device and the data 
network. A protection processing for protecting the packet data network from a 
fi-audulent user attack is then initiated based on the comparing result. 
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However, Pirttimaa fails to disclose or suggest, at least, "forwarding a prefix value 
to a node in a packet switched environment to create a security association. . .based on the 
prefix value, said prefix value referring to a portion of a first internet protocol address, 
wherein the security association is valid for a plurality of different internet protocol 
addresses, each of said plurality of internet protocol addresses comprising said portion of 
the first internet protocol address to which the prefix value refers," as recited in claim 1, 
and as analogously recited in claims 26, 29, 31-32, 38, and 40-41. 

Pirttimaa, in Figure 2 and paragraph [0039], teaches that an initial step is to set up 
a security association between a proxy server (P-CSCF) and a user equipment (UE). 
Paragraph [0040] of Pirttimaa discusses registering an IMPU at a SIP REGISTER server 
(S-CSCF). The registering of the IMPU is discussed in further detail in paragraphs 
[0041]-[0043]. As depicted in Figure 2, it is clear that the process of registering the 
IMPU at the S-CSCF, including sending the SIP REGISTER message, happens after the 
security association has been set up. 

Therefore, the applicant respectfully submits that the "SIP REGISTER message" 
cannot be interpreted as being the same as the "prefix value" in the present independent 
claims, since the SIP REGISTER message is sent between the UE and the S-CSCF after 
the security association has been established. Indeed, the security association in Pirttimaa 
is not set up using the SIP REGISTER message. 

Furthermore, "security association" is a term of art which is understood to involve 
the passing of secrets or keys in order that a secure connection between communicating 
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parties may be established. Applicant respectfully asserts that Pirttimmaa only discloses 
a "security association," if at all, between the P-CSCF and the UE. The messaging 
between the UE and the S-CSCF (via the P-CSCF) is not part of the process of 
establishing a security association, since no such secrets or keys are passed in this 
messaging. Rather, as mentioned above, this messaging between the UE and S-CSCF is 
carried out in order to register an IMPU of the UE and for the S-CSCF to verify that the 
IMPU is bound to the IMPI of the UE. Thus, Applicant submits that Pirttimaa fails to 
disclose or suggest all the limitations of claims 1, 26, 29, 31-32, 38, and 40-41. 

Additionally, it should be noted that an advantage provided by at least some 
embodiments of the claimed invention is that when a UE changes IP addresses, such as 
when the UE moves from one cell or network to another, there is no need to create a new 
security association with a proxy. Thus, ongoing sessions can be maintained and 
resources are saved by avoiding having to negotiate a new security association. Also, a 
UE is able to send packets with different source IP addresses protected in the same 
security association. Pirttimaa is in no way concerned with avoiding setting up security 
associations as mobile nodes more, or with sending packets from the same UE with 
different source IP addresses. Additionally, there is no teaching within Pirttimaa which 
would motivate the skilled person to modify Pirrtimaa to arrive at the present claims. 

In light of the distinctions between Pirttimmaa and the claimed invention. 
Applicant respectfully points out the high burden for establishing a § 102(e) rejection. 
Indeed, MPEP § 2131 states that '"[a] claim is anticipated only if each and every ele- 

-17- Application No.: 10/615,419 



ment as set forth in the claim is found, either expressly or inherently described, in a 
single prior art reference.' Verdegaal Bros. v. Union Oil Co. of California, 814 F.2d 628, 
631, 2 USPQ2d 1051, 1053 (Fed. Cir. 1987)" (emphasis added). '"The identical 
invention must be shown in as complete detail as is contained in the ... claim.' 
Richardson v. Suzuki Motor Co., 868 F.2d 1226, 1236, 9 USPQ2d 1913, 1920 (Fed. Cir. 
1989)" (emphasis added). Moreover, "[e]very element of the claimed invention must be 
literally present, arranged as in the claim." Id. (emphasis added). 

As Applicant has indicated above, Pirttimmaa fails to disclose or suggest all the 
limitations of claims 1, 26, 29, 31-32, 38, and 40-41. Therefore, Applicant respectfully 
requests that the rejection of claims 1, 26, 29, 31-32, 38, and 40-41 be withdrawn. 
Similarly, Applicant respectfully requests that the rejection of claims 2-3, 5-8, 12, 28, 33, 
35, and 37 be withdrawn for their dependency from claims 1, 26, and 31, and for the 
patentable subject matter recited therein. Applicant also respectfully asserts that 
patentability of new claims 38-57 for similar reasons. 

Conclusion 

If for any reason the Examiner determines that the application is not now in 
condition for allowance, it is respectfully requested that the Examiner contact, by 
telephone, the applicants' undersigned representative at the indicated telephone number 
to arrange for an interview to expedite the disposition of this application. 
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In the event this paper is not being timely filed, the applicants respectfully petition 
for an appropriate extension of time. Any fees for such an extension together with any 
additional fees may be charged to Counsel's Deposit Account 50-2222. 



Customer No. 32294 
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